Jump to content
jomi

Malwarebytes Endpoint Protection

Recommended Posts

Dear Forum,

 

I try to install Malwarebytes Endpoint Protection on our Multipoint Server 2011 system. 

In the first place it has been installing and asking to reboot. After the reboot, I got a failure message that Malwarebytes could not be started.

After later reboots, it continued asking for a reboot. No failure message.

I deinstalled with the MB clean program. But when attempting to reinstall it gives a failure message, stating that MB Endpoint Protection is already installed.

This is the log of the deinstaller:

2018-02-22 05:54:45.919   >>>>>Starting post reboot phase cleanup for Malwarebytes Endpoint Agent <<<<<<<<.
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\MBEndpointAgent does not exist.
2018-02-22 05:54:45.919   Trying to delete path C:\ProgramData\Malwarebytes Endpoint Agent\
2018-02-22 05:54:45.919   Cannot delete path C:\ProgramData\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:45.919   Trying to delete path C:\Program Files\Malwarebytes Endpoint Agent\
2018-02-22 05:54:45.919   Cannot delete path C:\Program Files\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:45.919   >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<<<.
2018-02-22 05:54:45.919   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-02-22 05:54:47.214   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMChameleon.sys
2018-02-22 05:54:47.214   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.214   Trying to delete file or folder C:\Windows\system32\drivers\MBAMChameleon.sys on reboot
2018-02-22 05:54:47.214   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.214   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-02-22 05:54:47.214   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-02-22 05:54:47.916   Trying to delete file or folder: C:\Windows\system32\drivers\mbam.sys
2018-02-22 05:54:47.916   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.916   Trying to delete file or folder C:\Windows\system32\drivers\mbam.sys on reboot
2018-02-22 05:54:47.916   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMSwissArmy.sys
2018-02-22 05:54:48.946   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   Trying to delete file or folder C:\Windows\system32\drivers\MBAMSwissArmy.sys on reboot
2018-02-22 05:54:48.946   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-02-22 05:54:49.913   Trying to delete file or folder: C:\Windows\system32\drivers\mwac.sys
2018-02-22 05:54:49.913   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:49.929   Trying to delete file or folder C:\Windows\system32\drivers\mwac.sys on reboot
2018-02-22 05:54:49.929   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:50.693   Trying to delete path C:\ProgramData\Malwarebytes\
2018-02-22 05:54:50.693   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The directory name is invalid.(error=267))
2018-02-22 05:54:50.693   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-02-22 05:54:50.693   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:50.693   Trying to delete path C:\Program Files\Malwarebytes Endpoint Agent\
2018-02-22 05:54:50.693   Cannot delete path C:\Program Files\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:56:05.550   --------END OF LOG FILE ----------
2018-02-22 06:09:55.298   mb-clean:3.1.0.1031  @ Malwarebytes. All rights reserved.
2018-02-22 06:09:56.827   No Malwarebytes software installed.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMChameleon.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\MBAMChameleon.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\mbam.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\mbam.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMSwissArmy.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\MBAMSwissArmy.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\mwac.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\mwac.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 06:10:00.469   Trying to delete path C:\ProgramData\Malwarebytes\
2018-02-22 06:10:00.469   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The directory name is invalid.(error=267))
2018-02-22 06:10:00.469   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-02-22 06:10:00.469   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 06:10:00.469   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2018-02-22 06:10:00.469   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 06:10:00.469   --------END OF LOG FILE ----------

Thank you for your help and advice, it would be much appreciated,

Best regards,

Johannes

Share this post


Link to post
Share on other sites

Sorry, this is the log of the installation:

[1584:06FC][2018-02-22T06:25:01]i001: Burn v3.10.3.3007, Windows v6.1 (Build 7601: Service Pack 1), path: C:\Users\Johannes\AppData\Local\Temp\{E44F8021-30A6-479B-ADD2-16F1C07895E4}\.cr\Setup.MBEndpointAgent.Full.exe
[1584:06FC][2018-02-22T06:25:01]i000: Initializing string variable 'NEBULA_URL' to value 'https://cloud.malwarebytes.com'
[1584:06FC][2018-02-22T06:25:01]i000: Initializing string variable 'NEBULA_ACCOUNTTOKEN' to value '3dbff039-f08a-4f05-9159-3eadbbd59878'
[1584:06FC][2018-02-22T06:25:01]i009: Command Line: '-burn.clean.room=C:\Users\Johannes\Desktop\Downloads\Setup.MBEndpointAgent.Full.exe -burn.filehandle.attached=212 -burn.filehandle.self=220'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\Johannes\Desktop\Downloads\Setup.MBEndpointAgent.Full.exe'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleOriginalSourceFolder' to value 'C:\Users\Johannes\Desktop\Downloads\'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\Johannes\AppData\Local\Temp\Malwarebytes_Endpoint_Agent_20180222062501.log'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleManufacturer' to value 'Malwarebytes'
[1584:1884][2018-02-22T06:25:01]i000: Setting numeric variable 'WixStdBALanguageId' to value 1033
[1584:1884][2018-02-22T06:25:01]i000: Setting version variable 'WixBundleFileVersion' to value '1.1.2.0'
[1584:06FC][2018-02-22T06:25:01]i100: Detect begin, 3 packages
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{949D1792-E377-4348-8BC4-6D643EF49B21}'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'EA_INSTALLED' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{949D1792-E377-4348-8BC4-6D643EF49B21}'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'EA_INSTALLED_32' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'KB2468871_NET32_INSTALLED' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'NETFRAMEWORK40' to value '1'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'NETFRAMEWORK452' to value '394806'
[1584:06FC][2018-02-22T06:25:01]i052: Condition '(NETFRAMEWORK452 >= 379893)' evaluates to true.
[1584:06FC][2018-02-22T06:25:01]w120: Detected partially cached package: msi86, invalid payload: msi86, reason: 0x80070002
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: NetFx452FullRedist, state: Present, cached: None
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: msi86, state: Absent, cached: Partial
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: msi64, state: Absent, cached: Complete
[1584:06FC][2018-02-22T06:25:01]i052: Condition '(VersionNT >= v6.0)' evaluates to true.
[1584:06FC][2018-02-22T06:25:01]i052: Condition '((NOT EA_INSTALLED) AND (NOT EA_INSTALLED_32) AND (NOT WixBundleInstalled))           OR           (WixBundleAction = 3)' evaluates to false.
[1584:06FC][2018-02-22T06:25:01]e000: Malwarebytes Endpoing Agent is already installed, please go to add/remove programs to remove it, and run the installation package again.
[1584:06FC][2018-02-22T06:25:01]e000: Error 0x81f40001: Bundle condition evaluated to false: ((NOT EA_INSTALLED) AND (NOT EA_INSTALLED_32) AND (NOT WixBundleInstalled))           OR           (WixBundleAction = 3)
[1584:06FC][2018-02-22T06:25:01]i199: Detect complete, result: 0x0
 

Share this post


Link to post
Share on other sites

Sorry, I just saw now in the log that the program needed to be uninstalled through control panel. - I did that, it worked but still after restart MB Endpoint Agent is not starting. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.